From 211b9e552ddd0d612c7963e34d6fb2791a841ae7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Mar 2000 10:22:12 +0000 Subject: curl_unescape() could make a buffer overflow --- lib/escape.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/escape.c b/lib/escape.c index 68000cd71..274cd2dcd 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -47,7 +47,7 @@ char *curl_escape(char *string) { - int alloc=strlen(string); + int alloc=strlen(string)+1; char *ns = malloc(alloc); unsigned char in; int newlen = alloc; @@ -83,7 +83,7 @@ char *curl_escape(char *string) char *curl_unescape(char *string) { - int alloc = strlen(string); + int alloc = strlen(string)+1; char *ns = malloc(alloc); unsigned char in; int index=0; -- cgit v1.2.3